qt-x11 - CVE-2007-3388

(cherry picked from commit 783e4577f95aa6d9497d63ed485aca78f2553157)
author: Treeve Jelbert 2007-08-03 21:40:01 +0200
committer: Eric Sandall 2007-08-04 13:33:28 -0700
commit: 3c3dd1f8fe1841fc90b286fef571fb98ded619c4 (patch)
tree: 7a495979bb41edf8dd31d64c9153e07ee11bb500
parent: c0efb8dea470906b2850e310e0b078ad11240daa (diff)
4 files changed, 197 insertions, 2 deletions
diff --git a/x11-toolkits/qt-x11/170529.diff b/x11-toolkits/qt-x11/170529.diff
new file mode 100644
index 0000000000..969c536c1a
--- /dev/null
+++ b/x11-toolkits/qt-x11/170529.diff
@@ -0,0 +1,189 @@
+--- //depot/qt/3/src/widgets/qtextedit.cpp	Mon Jul 16 10:44:40 CEST 2007
++++ //depot/qt/3/src/widgets/qtextedit.cpp	Mon Jul 16 10:44:40 CEST 2007
+
+@@ -6349,7 +6349,7 @@
+ 		    cur = tag->prev;
+ 		    if ( !cur ) {
+ #ifdef QT_CHECK_RANGE
+-			qWarning( "QTextEdit::optimParseTags: no left-tag for '<" + tag->tag + ">' in line %d.", tag->line + 1 );
++			qWarning( "QTextEdit::optimParseTags: no left-tag for '<%s>' in line %d.", tag->tag.ascii(), tag->line + 1 );
+ #endif
+ 			return; // something is wrong - give up
+ 		    }
+@@ -6372,7 +6372,7 @@
+ 				    break;
+ 				} else if ( !cur->leftTag ) {
+ #ifdef QT_CHECK_RANGE
+-				    qWarning( "QTextEdit::optimParseTags: mismatching %s-tag for '<" + cur->tag + ">' in line %d.", cur->tag[0] == '/' ? "left" : "right", cur->line + 1 );
++				    qWarning( "QTextEdit::optimParseTags: mismatching %s-tag for '<%s>' in line %d.", cur->tag[0] == '/' ? "left" : "right", cur->tag.ascii(), cur->line + 1 );
+ #endif
+ 				    return; // something is amiss - give up
+ 				}
+--- //depot/qt/3/src/sql/qdatatable.cpp	Mon Jul 16 10:45:03 CEST 2007
++++ //depot/qt/3/src/sql/qdatatable.cpp	Mon Jul 16 10:45:03 CEST 2007
+
+@@ -1043,8 +1043,8 @@
+ 	return FALSE;
+     if ( !sqlCursor()->canInsert() ) {
+ #ifdef QT_CHECK_RANGE
+-	qWarning("QDataTable::insertCurrent: insert not allowed for " +
+-		 sqlCursor()->name() );
++	qWarning("QDataTable::insertCurrent: insert not allowed for %s",
++		 sqlCursor()->name().latin1() );
+ #endif
+ 	endInsert();
+ 	return FALSE;
+@@ -1117,16 +1117,16 @@
+ 	return FALSE;
+     if ( sqlCursor()->primaryIndex().count() == 0 ) {
+ #ifdef QT_CHECK_RANGE
+-	qWarning("QDataTable::updateCurrent: no primary index for " +
+-		 sqlCursor()->name() );
++	qWarning("QDataTable::updateCurrent: no primary index for %s",
++		 sqlCursor()->name().latin1() );
+ #endif
+ 	endUpdate();
+ 	return FALSE;
+     }
+     if ( !sqlCursor()->canUpdate() ) {
+ #ifdef QT_CHECK_RANGE
+-	qWarning("QDataTable::updateCurrent: updates not allowed for " +
+-		 sqlCursor()->name() );
++	qWarning("QDataTable::updateCurrent: updates not allowed for %s",
++		 sqlCursor()->name().latin1() );
+ #endif
+ 	endUpdate();
+ 	return FALSE;
+@@ -1191,8 +1191,8 @@
+ 	return FALSE;
+     if ( sqlCursor()->primaryIndex().count() == 0 ) {
+ #ifdef QT_CHECK_RANGE
+-	qWarning("QDataTable::deleteCurrent: no primary index " +
+-		 sqlCursor()->name() );
++	qWarning("QDataTable::deleteCurrent: no primary index %s",
++		 sqlCursor()->name().latin1() );
+ #endif
+ 	return FALSE;
+     }
+
+--- //depot/qt/3/src/sql/qsqldatabase.cpp	Mon Jul 16 10:45:03 CEST 2007
++++ //depot/qt/3/src/sql/qsqldatabase.cpp	Mon Jul 16 10:45:03 CEST 2007
+
+@@ -234,7 +234,8 @@
+ 	db->open();
+ #ifdef QT_CHECK_RANGE
+ 	if ( !db->isOpen() )
+-	    qWarning("QSqlDatabaseManager::database: unable to open database: " + db->lastError().databaseText() + ": " + db->lastError().driverText() );
++	    qWarning("QSqlDatabaseManager::database: unable to open database: %s: %s",
++                    db->lastError().databaseText().latin1(), db->lastError().driverText().latin1() );
+ #endif
+     }
+     return db;
+@@ -686,7 +687,7 @@
+     if ( !d->driver ) {
+ #ifdef QT_CHECK_RANGE
+ 	qWarning( "QSqlDatabase: %s driver not loaded", type.latin1() );
+-	qWarning( "QSqlDatabase: available drivers: " + drivers().join(" ") );
++	qWarning( "QSqlDatabase: available drivers: %s", drivers().join(" ").latin1() );
+ #endif
+ 	d->driver = new QNullDriver();
+ 	d->driver->setLastError( QSqlError( "Driver not loaded", "Driver not loaded" ) );
+
+--- //depot/qt/3/src/sql/qsqlindex.cpp	Mon Jul 16 10:45:03 CEST 2007
++++ //depot/qt/3/src/sql/qsqlindex.cpp	Mon Jul 16 10:45:03 CEST 2007
+
+@@ -273,7 +273,7 @@
+ 	if ( field )
+ 	    newSort.append( *field, desc );
+ 	else
+-	    qWarning( "QSqlIndex::fromStringList: unknown field: '" + f + "'" );
++	    qWarning( "QSqlIndex::fromStringList: unknown field: '%s'", f.latin1());
+     }
+     return newSort;
+ }
+
+--- //depot/qt/3/src/sql/qsqlrecord.cpp	Mon Jul 16 10:45:03 CEST 2007
++++ //depot/qt/3/src/sql/qsqlrecord.cpp	Mon Jul 16 10:45:03 CEST 2007
+
+@@ -298,7 +298,7 @@
+ 	    return i;
+     }
+ #ifdef QT_CHECK_RANGE
+-    qWarning( "QSqlRecord::position: unable to find field " + name );
++    qWarning( "QSqlRecord::position: unable to find field %s", name.latin1() );
+ #endif
+     return -1;
+ }
+@@ -313,7 +313,7 @@
+     checkDetach();
+     if ( !sh->d->contains( i ) ) {
+ #ifdef QT_CHECK_RANGE
+-	qWarning( "QSqlRecord::field: index out of range: " + QString::number( i ) );
++	qWarning( "QSqlRecord::field: index out of range: %d", i );
+ #endif
+ 	return 0;
+     }
+@@ -344,7 +344,7 @@
+ {
+     if ( !sh->d->contains( i ) ) {
+ #ifdef QT_CHECK_RANGE
+-	qWarning( "QSqlRecord::field: index out of range: " + QString::number( i ) );
++	qWarning( "QSqlRecord::field: index out of range: %d", i  );
+ #endif // QT_CHECK_RANGE
+ 	return 0;
+     }
+
+--- //depot/qt/3/src/tools/qglobal.cpp	Mon Jul 16 10:45:03 CEST 2007
++++ //depot/qt/3/src/tools/qglobal.cpp	Mon Jul 16 10:45:03 CEST 2007
+
+@@ -680,7 +680,7 @@
+     if ( code != -1 )
+ 	qWarning( "%s\n\tError code %d - %s", msg, code, strerror( code ) );
+     else
+-	qWarning( msg );
++	qWarning( "%s", msg );
+ #endif
+ #else
+     Q_UNUSED( msg );
+
+--- //depot/qt/3/src/xml/qsvgdevice.cpp	Mon Jul 16 10:45:03 CEST 2007
++++ //depot/qt/3/src/xml/qsvgdevice.cpp	Mon Jul 16 10:45:03 CEST 2007
+
+@@ -978,7 +978,7 @@
+ 		// ### catch references to embedded .svg files
+ 		QPixmap pix;
+ 		if ( !pix.load( href ) ) {
+-		    qWarning( "QSvgDevice::play: Couldn't load image "+href );
++		    qWarning( "QSvgDevice::play: Couldn't load image %s", href.latin1() );
+ 		    break;
+ 		}
+ 		pt->drawPixmap( QRect( x1, y1, w, h ), pix );
+@@ -1024,8 +1024,8 @@
+                 break;
+ 	    }
+ 	case InvalidElement:
+-	    qWarning( "QSvgDevice::play: unknown element type " +
+-		      node.nodeName() );
++	    qWarning( "QSvgDevice::play: unknown element type %s",
++		      node.nodeName().latin1() );
+ 	    break;
+ 	};
+ 
+@@ -1111,7 +1111,7 @@
+ {
+     QRegExp reg( QString::fromLatin1("([+-]?\\d*\\.*\\d*[Ee]?[+-]?\\d*)(em|ex|px|%|pt|pc|cm|mm|in|)$") );
+     if ( reg.search( str ) == -1 ) {
+-	qWarning( "QSvgDevice::parseLen: couldn't parse " + str );
++	qWarning( "QSvgDevice::parseLen: couldn't parse %s ", str.latin1() );
+ 	if ( ok )
+ 	    *ok = FALSE;
+ 	return 0.0;
+@@ -1140,7 +1140,7 @@
+ 	else if ( u == "pc" )
+ 	    dbl *= m.logicalDpiX() / 6.0;
+ 	else
+-	    qWarning( "QSvgDevice::parseLen: Unknown unit " + u );
++	    qWarning( "QSvgDevice::parseLen: Unknown unit %s",  u.latin1() );
+     }
+     if ( ok )
+ 	*ok = TRUE;
diff --git a/x11-toolkits/qt-x11/DETAILS b/x11-toolkits/qt-x11/DETAILS
index bf0b814939..565e387605 100755
--- a/x11-toolkits/qt-x11/DETAILS
+++ b/x11-toolkits/qt-x11/DETAILS
@@ -10,7 +10,7 @@ SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-free-$VERSION
         WEB_SITE=http://www.trolltech.com/qt/x11.html
         KEYWORDS="qt x11 libs"
          ENTERED=20020410
-  SECURITY_PATCH=2
+  SECURITY_PATCH=3
             DOCS="FAQ README README-QT.TXT"
            SHORT="Qt simplifies writing and maintaining GUI applications"
 cat << EOF
diff --git a/x11-toolkits/qt-x11/HISTORY b/x11-toolkits/qt-x11/HISTORY
index 463e901ec1..6c057372f0 100644
--- a/x11-toolkits/qt-x11/HISTORY
+++ b/x11-toolkits/qt-x11/HISTORY
@@ -1,3 +1,9 @@
+2007-08-03 Treeve Jelbert <treeve@sourcemage.org>
+	* DETAILS: SECURITY_PATCH++
+	* PRE_BUILD:apply patch
+	* 170529.diff: added
+	  fixes bug #13923
+
 2007-05-05 Treeve Jelbert <treeve@sourcemage.org>
 	* DETAILS: SECURITY_PATCH++
 	* PRE_BUILD:apply patch
diff --git a/x11-toolkits/qt-x11/PRE_BUILD b/x11-toolkits/qt-x11/PRE_BUILD
index d6a04ec76b..6ccb4a4136 100755
--- a/x11-toolkits/qt-x11/PRE_BUILD
+++ b/x11-toolkits/qt-x11/PRE_BUILD
@@ -2,7 +2,7 @@ default_pre_build     &&
 cd $SOURCE_DIRECTORY  &&
 # apply patches
 patch -p0 < $SPELL_DIRECTORY/Qt-3.3.8-UTF-8-fix.diff &&
-
+patch -p4 < $SPELL_DIRECTORY/170529.diff &&
 # fix detecction of firebird
 sedit "s/-lgds//" configure  &&
 sedit "/gds/D;/\t}/D" plugins/src/sqldrivers/ibase/ibase.pro &&
author	Treeve Jelbert	2007-08-03 21:40:01 +0200
committer	Eric Sandall	2007-08-04 13:33:28 -0700
commit	3c3dd1f8fe1841fc90b286fef571fb98ded619c4 (patch)
tree	7a495979bb41edf8dd31d64c9153e07ee11bb500
parent	c0efb8dea470906b2850e310e0b078ad11240daa (diff)